IT GRC Consultant (Singapore)

Building a Safer Cyberspace: At Horangi, we’re passionate about building a safer cyberspace and creating software that solves challenging cybersecurity problems. Horangi focuses on building partnerships with our customers, developing an understanding of their business goals and building a security strategy that helps achieve their objectives. Horangi’s personnel have extensive engineering experience and a strong background in offensive security, defensive security, and strategic consulting including both large multinational networks and small organizations with focused missions. We enjoy solving tough security problems and we are eager to find new challenges and build new relationships.IT Governance, Risk and Compliance (GRC) is a newly-established division in a sophisticated IT infrastructure and networking ecosystem, where the team focuses on complying with local and international IT regulations and standards in order for the business to continue operating in their respective regions.Come join us! Play a pivotal role in shaping IT Governance, Risk Management and Compliance strategies!The role:The GRC Consultant will belong to Horangi’s Cyber Operations team and works directly with Horangi’s customers to perform security program and risk assessments, ensuring compliance with relevant governance and regulatory frameworks. They work closely with the engineering team, building up robust risk management capabilities and helping to place Horangi at the top of the cyber security food chain.Gather information pertinent to assessments and analyses by means of collecting documentation and conducting interviews with stakeholdersAssist with the development and implementation of the risk management programs to ensure information security risks are identified and monitored in a timely and effective manner

What you'll do:

• Perform Third Party risk assessments for vendors and partners Governance and Compliance
• Assist with the development and implementation of IT Governance and Compliance policies
• Draft documentation such as standards, guidelines, procedures, and policies
• Help to develop policies to align IT Governance, Risk and Compliance (GRC) objectives
• Perform compliance gap analyses and conduct workshops for stakeholders

What you'll need to succeed:

• Minimum 2 years of working experience in Governance, Risk and Compliance (GRC)
• Working knowledge or experience with GRC Frameworks and NIST Standards
• Experience with ISMS development and implementation 
• Experience with Compliance, IT Risk Management and Third party risk management
• Experience with industry standards related to IT Controls – ISO 27001, ISO 27017, ISO 27018, NIST, Cloud Security;
• Experience with Data Privacy and Protection
• CISM or CISA certifications are preferred but not mandatory